Latest news with #TaskUs
Mint
7 hours ago
- Business
- Mint
$400 million Coinbase scam: What role did THIS Indian call centre play in the company's biggest-ever fraud?
American cryptocurrency exchange Coinbase disclosed a major data breach on May 15 that cost the company up to $400 million, affected more than 69,000 customers. Known to be its biggest security failure to date, this incident occurred after hackers bribed customer service workers in India to leak sensitive data, according to a report by Fortune. The report revealed that a loose network of young English-speaking hackers was partially responsible for the scam. Additionally, business process outsourcing units (BPOs) also played a role as a weak link in its security operations. The employees of a US-based customer support company, TaskUs, handling support for Coinbase since 2017, were targeted by hackers. With a significant presence in India, TaskUs laid off 226 Indian staff in Indore, weeks after the security breach was reported. The company paid salaries in the range of $500-$700 per month. Because of low salaries, some employees in India were convinced to transfer confidential customer records for bribes. Coinbase stated it had severed relationships with those individuals and other foreign agents implicated. 'Obviously that's the weakest point in the chain, because there is an economic reason for them to accept the bribe,' Sergio Garcia, founder of the crypto investigations company Tracelon, told Fortune. Hackers used to impersonate Coinbase staff, convincing customers to give up their crypto assets, as stolen information was not enough to get the crypto vaults of the company. This led to huge financial losses. The crypto company has not revealed the exact number of users who have lost money. However, it plans to reimburse the affected customers. A class action lawsuit has been lodged on behalf of Coinbase customers in New York against TaskUs, alleging negligence. The company maintains that all the accusations lack merit, and they are improving security protocols. TaskUs claimed that two agents were involved in a wider plot targeting several service providers associated with Coinbase. 'The Comm' or 'Community," a loosely connected group of young English-speaking cybercriminals who use Telegram and Discord to communicate, are expected to be responsible for the security breach. The group is 'often motivated by attention seeking or the thrill of mischief,' the report states. They also compete with one another to see who can steal more. 'They come from video games, and then they bring their high scores into the real world,' Josh Cooper-Duckett, director of investigations at Cryptoforensic Investigators, told Fortune. 'And their high score in this world is how much money they steal," he added.
Hindustan Times
14 hours ago
- Business
- Hindustan Times
Indian call centre agents accused of leaking customer data in $400 million Coinbase hack
In May, cryptocurrency giant Coinbase revealed a major data breach that affected more than 69,000 customers – its biggest security failure to date. The breach, which could cost the company up to $400 million, happened after hackers bribed customer service workers in India to leak sensitive data, according to a report in Fortune. The hackers targeted employees of TaskUs, a US-based company that provides customer service support to major tech firms. TaskUs has a large presence in India, and its agents have handled support for Coinbase since 2017. In January, TaskUs laid off over 200 Indian staff working for Coinbase – just weeks after the data theft was discovered. TaskUs salaries in India are not high – often between $500 and $700 a month. Due to low salaries, some workers in India were persuaded to hand over confidential customer records in exchange for bribes. Coinbase confirmed it had cut ties with the individuals and other overseas agents involved. 'Obviously that's the weakest point in the chain, because there is an economic reason for them to accept the bribe,' Sergio Garcia, founder of the crypto investigations company Tracelon, told Fortune. The stolen information wasn't enough to access Coinbase's crypto vaults directly. Instead, criminals used it to impersonate Coinbase staff and trick customers into giving up their crypto assets. These social engineering scams led to real financial losses, though Coinbase hasn't revealed how many customers lost funds. The company says it is reimbursing affected users. A class action lawsuit has been filed in New York, accusing TaskUs of negligence. The company insists the claims are baseless and says it's strengthening its security measures. TaskUs believes two agents were part of a broader scheme involving attacks on multiple service providers linked to Coinbase. The hackers are believed to be part of a loosely connected group known as 'the Comm' or 'Community' -- young, English-speaking cybercriminals who coordinate through Telegram and Discord. Unlike traditional hacking groups from Russia or North Korea, the Comm includes thrill-seeking teenagers and young adults who often compete for attention and success online. According to a hacker who spoke with Fortune under the alias 'puffy party,' different members of the group handled different parts of the operation: bribing agents, collecting data, and carrying out scams.
Business Upturn
15 hours ago
- Business
- Business Upturn
SHAREHOLDER INVESTIGATION: Halper Sadeh LLC Investigates AVDX, TASK, BRDG on Behalf of Shareholders
NEW YORK, May 31, 2025 (GLOBE NEWSWIRE) — Halper Sadeh LLC, an investor rights law firm, is investigating the following companies for potential violations of the federal securities laws and/or breaches of fiduciary duties to shareholders relating to: AvidXchange Holdings, Inc. (NASDAQ: AVDX)'s sale to TPG for $10.00 per share in cash. If you are an AvidXchange shareholder, click here to learn more about your legal rights and options. TaskUs, Inc. (NASDAQ: TASK)'s sale to affiliates of Blackstone and executives and founders of TaskUs for $16.50 per share. If you are a TaskUs shareholder, click here to learn more about your rights and options. Bridge Investment Group Holdings Inc. (NYSE: BRDG)'s sale to Apollo. Under the terms of the proposed transaction, Bridge shareholders and Bridge OpCo unitholders will receive, at closing, 0.07081 shares of Apollo stock for each share of Bridge Class A common stock and each Bridge OpCo Class A common unit, respectively. If you are a Bridge shareholder, click here to learn more about your rights and options. Halper Sadeh LLC may seek increased consideration for shareholders, additional disclosures and information concerning the proposed transaction, or other relief and benefits on behalf of shareholders. We would handle the action on a contingent fee basis, whereby you would not be responsible for out-of-pocket payment of our legal fees or expenses. Shareholders are encouraged to contact the firm free of charge to discuss their legal rights and options. Please call Daniel Sadeh or Zachary Halper at (212) 763-0060 or email [email protected] or [email protected]. Halper Sadeh LLC represents investors all over the world who have fallen victim to securities fraud and corporate misconduct. Our attorneys have been instrumental in implementing corporate reforms and recovering millions of dollars on behalf of defrauded investors. Attorney Advertising. Prior results do not guarantee a similar outcome. Contact Information:Halper Sadeh LLCDaniel Sadeh, Halper, World Trade Center85th FloorNew York, NY 10007(212) 763-0060 [email protected] [email protected]
Yahoo
3 days ago
- Business
- Yahoo
Inside the $400 million Coinbase breach: An Indian call center and teenage hackers
On May 15, Coinbase revealed that criminals had stolen personal data from tens of thousands of customers—the biggest security incident in the company's history, and one that is poised to cost it as much as $400 million. The breach is notable not only for its scale, but the way the hackers went about it: Bribing overseas customer support agents to share confidential customer records. Coinbase has responded by publicly announcing it had put a $20 million bounty on those who stole the data, and who sought to blackmail the company so as not to reveal the incident. But it has shared few details about who carried out the attack or how the hackers were able to target its agents so successfully. A recent investigation by Fortune, including a review of email messages between Coinbase and one of the hackers, has uncovered new details about the incident that strongly suggest a loose network of young English-speaking hackers are partly responsible. Meanwhile, the findings also highlight the role of so-called BPOs, or business process outsourcing units, as a weak link in tech firms' security operations. The story starts with a small but publicly traded company based in New Braunfels, Texas, called TaskUs. Like other BPOs, it provides customer services to big tech at a low cost by employing staff overseas. In January, TaskUs laid off 226 staff members working for Coinbase from its service center in Indore, India, according to a company spokesperson. Since 2017, according to a filing with the Securities and Exchange Commission, TaskUs has provided customer service personnel to Coinbase, an arrangement that reaps the U.S. crypto giant significant savings in labor costs. But there's a catch, of course: When customers email to inquire about their accounts or a new Coinbase product, they're likely talking to an overseas TaskUs employee. And because these agents earn low wages compared to workers in the U.S., they've proved susceptible to bribes. 'Early this year we identified two individuals who illegally accessed information from one of our clients,' a TaskUs spokesperson told Fortune, in reference to Coinbase. 'We believe these two individuals were recruited by a much broader, coordinated criminal campaign against this client that also impacted a number of other providers servicing this client.' The TaskUs firings in January came less than a month after Coinbase discovered theft of customer data, according to a regulatory filing from the company. On Tuesday, a federal class action suit filed in New York on behalf of Coinbase customers accused TaskUs of negligence in protecting customer data. 'While we cannot comment on litigation, we believe these claims are without merit and intend to defend ourselves,' a TaskUs spokesperson said. 'We place the highest priority on safeguarding the data of our clients and their customers and continue to strengthen our global security protocols and training programs.' A person familiar with the security incident, who asked not to be identified in order to speak candidly, said the hackers had also targeted other BPOs, in some cases successfully, and that the nature of the data stolen varied according to each incident. This stolen data was not enough for the hackers to break into Coinbase's crypto vaults. But it did provide a wealth of information to help criminals pose as fake Coinbase agents, who contacted customers and persuaded them to hand over their crypto funds. The company says the hackers stole the data of over 69,000 customers, but did not say how many of these had been victims of so-called social engineering scams. The social engineering scams in this case involved criminals who used the stolen data to impersonate Coinbase employees and persuade victims to transfer their crypto funds. 'As we've already disclosed, we recently discovered that a threat actor had solicited overseas agents to capture customer account information dating back to December of 2024. We notified affected users and regulators, cut ties with the TaskUs personnel involved and other overseas agents, and tightened controls,' said Coinbase in a statement, adding it is reimbursing customers who lost funds in the scams. Coinbase also stated that the $400 million figure it has cited publicly as the overall cost of the breach is at the top end of its estimates, and that its low-end figure is $180 million. While social engineering scams that revolve around impersonation of company representatives are hardly new, the scale at which hackers targeted BPOs does appear to be novel. And while no one has definitively identified the perpetrators, a number of clues point strongly to a loosely affiliated network of young English-speaking hackers. In the days following the disclosure of the Coinbase breach in mid-May, Fortune exchanged messages on Telegram with an individual who called himself 'puffy party' and who claims to be one of the hackers. Two other security researchers who spoke with the anonymous hacker told Fortune they found the individual to be credible. 'Based on what he shared with me, I took his statements seriously and was unable to find evidence that his statements were false,' said one. Both researchers requested anonymity because they were afraid of receiving subpoenas for speaking with the purported hacker. In the exchanges, the individual shared numerous screenshots of what they said were emails with Coinbase's security team. The name they used to communicate with the company was 'Lennard Schroeder.' They also shared screenshots of a Coinbase account belonging to a former executive of the company that displayed crypto transactions and extensive personal details. Coinbase did not deny the authenticity of the screenshots. The emails shared by the purported hacker include the blackmail threat for $20 million in Bitcoin, which Coinbase refused to pay, and mocking comments about how the hacking group would use some of the proceeds to purchase hair for Brian Armstrong, the company's bald CEO. 'We're willing to sponsor a hair transplant so that he may graciously traverse the world with a fresh set of hair,' wrote the hackers. In the Telegram messages, the person—whose existence Fortune learned of from a security researcher—expressed contempt for Coinbase. Many crypto robberies are carried out by Russian criminal gangs or the North Korean military, but the alleged hacker says the job was pulled off by a loose affiliation of teenagers and 20-somethings alternatively called the 'Comm' or 'Com' —shorthand for the Community. In the last two years, reports of the Comm have bubbled up in media reports about other hacking incidents, including a New York Times story earlier this month in which one of the alleged perpetrators of a series of crypto thefts identified himself as a member of the group. And in 2023, hackers, whom investigators identified as part of the Comm, targeted the online operations of a handful of Las Vegas casinos and tried to extort MGM Resorts for $30 million, according to the Wall Street Journal. Unlike the Russian and North Korean crypto hackers, who are typically seeking only money, members of the Comm are often motivated by attention seeking or the thrill of mischief as well. They sometimes collaborate on hacking attacks but also compete with each other to see who can steal more. 'They come from video games, and then they bring their high scores into the real world,' said Josh Cooper-Duckett, director of investigations at Cryptoforensic Investigators. 'And their high score in this world is how much money they steal.' In the Telegram messages, the purported hacker said that members of the Comm specialize in different parts of a heist. The hacker's team bribed the customer support agents and gathered the customer data, which they gave to others outside of their group who are well-versed in carrying out social engineering scams. They added that different Comm-affiliated groups coordinated on social platforms like Telegram and Discord about how to carry out different portions of the operation and agreed to split the proceeds. Sergio Garcia, founder of the crypto investigations company Tracelon, told Fortune that the hacker's description of the Coinbase exploit mirrors his observations of how the Comm operates and other crypto social engineering scams. The person familiar with the security incidents said those who targeted customers in recent social engineering scams spoke in unaccented North American English. TaskUs workers in India are paid between $500 and $700 per month, according to a source familiar with the BPO workers' wages. TaskUs declined to comment. Even though that amounts to more than India's gross domestic product per person, the low wages of customer support agents often make them more susceptible to bribes, Garcia told Fortune. 'Obviously that's the weakest point in the chain, because there is an economic reason for them to accept the bribe,' he added. This story was originally featured on
Business Upturn
24-05-2025
- Business
- Business Upturn
SHAREHOLDER INVESTIGATION: Halper Sadeh LLC Investigates TASK, RDFN, DNB on Behalf of Shareholders
NEW YORK, May 24, 2025 (GLOBE NEWSWIRE) — Halper Sadeh LLC, an investor rights law firm, is investigating the following companies for potential violations of the federal securities laws and/or breaches of fiduciary duties to shareholders relating to: TaskUs, Inc. (NASDAQ: TASK)'s sale to affiliates of Blackstone and executives and founders of TaskUs for $16.50 per share. If you are a TaskUs shareholder, click here to learn more about your rights and options. Redfin Corporation (NASDAQ: RDFN)'s sale to Rocket Companies for 0.7926 shares of Rocket Companies Class A common stock for each share of Redfin common stock. If you are a Redfin shareholder, click here to learn more about your rights and options. Dun & Bradstreet Holdings, Inc. (NYSE: DNB)'s sale to Clearlake Capital Group, L.P. for $9.15 in cash per share. If you are a Dun & Bradstreet shareholder, click here to learn more about your legal rights and options. Halper Sadeh LLC may seek increased consideration for shareholders, additional disclosures and information concerning the proposed transaction, or other relief and benefits on behalf of shareholders. We would handle the action on a contingent fee basis, whereby you would not be responsible for out-of-pocket payment of our legal fees or expenses. Shareholders are encouraged to contact the firm free of charge to discuss their legal rights and options. Please call Daniel Sadeh or Zachary Halper at (212) 763-0060 or email [email protected] or [email protected]. Halper Sadeh LLC represents investors all over the world who have fallen victim to securities fraud and corporate misconduct. Our attorneys have been instrumental in implementing corporate reforms and recovering millions of dollars on behalf of defrauded investors. Attorney Advertising. Prior results do not guarantee a similar outcome. Contact Information:Halper Sadeh LLCDaniel Sadeh, Halper, World Trade Center85th FloorNew York, NY 10007(212) 763-0060 [email protected] [email protected]
